Macmillan Cancer Support Improves Security

Founded in 1911, Macmillan Cancer Support is one of the largest British charities, providing specialist healthcare, financial support, and information to support cancer patients and others who are directly affected by cancer, including caregivers and family members. The organization is 98% funded by voluntary donations, so fundraising is essential to making sure it’s possible to deliver the vital support needed by people living with cancer. In 2021, the organization’s services reached 2.4 million people, funded by £227.5 million in donations. To cost-effectively mitigate security risks, Macmillan chose Akamai Guardicore Segmentation.

Macmillan had evolved to operate in a hybrid manner even before the COVID-19 pandemic. The organization calls upon a mix of legacy and modern network infrastructure and apps, and supports employees to work remotely. 

When the pandemic hit, the organization’s website and chat functionality grew in importance. All support staff at the call center, which fields thousands of calls annually, moved to working from home. 

As Tim O'Neill, Head of Information Security for Macmillan, explains, “If anyone is disincentivized to contact us because they’re not confident their information will remain confidential, we have failed.” 

To that end, Macmillan’s information security and information governance teams work closely together to ensure that they collect and share only the data that is needed to deliver on their mission. The shift to remote work put new pressure on that data collection process. 

Ransomware was an increasingly worrying threat, but Macmillan’s lean information security team suffered from alert fatigue and struggled to actively react to events. The data from internal traffic routed through firewalls was sent to the organization’s security information and event manager (SIEM), which resulted in a barrage of noise. The cost to modernize legacy systems incapable of encrypting data at rest or in transit was estimated to be at least £1 million.

Macmillan needed a cost-effective way to mitigate its risks. “We’re really an enterprise with a charitable product, and are continually maturing how we work,” continues O’Neill.

To minimize risk and increase visibility, O’Neill began researching segmentation solutions. After running proofs of concept of Akamai Guardicore Segmentation and other options, Macmillan chose Akamai. 

“Some solutions required agents on all assets, which is a sledgehammer approach to segmentation. Akamai Guardicore Segmentation’s simplicity and visibility stood out. Once an agent was installed on a server, we immediately knew what was going on,” says O’Neill.

According to Graham Popperwell, Senior Information Security Analyst for Macmillan, “We were impressed by the ease and speed of deployment, and how quickly we were able to get accurate and aggregated network logs — which enables us to focus on specific connections between infrastructure components.”

O’Neill also emphasizes the Akamai Guardicore Segmentation detection engine that locates known attack techniques. Compared with other detection engines — such as those in endpoint security solutions and SIEM — the Akamai solution stood apart. Akamai Guardicore Segmentation “provides all event details, including all elements and the attack chronology. We are empowered to block the attack rather than waiting for a security solution vendor to provide an updated signature file,” O’Neill explains.

Macmillan uses Akamai Guardicore Segmentation to separate its production environment from nonproduction environments, and to segregate applications. In fact, it was able to implement key segmentation within months instead of years with Akamai’s solution. 

To prioritize securing the servers and endpoints, the organization risked its applications. According to Popperwell, “We risk-scored each application, assigned assets to that application, and then secured the nonproduction environment to ensure no adverse impact.”

Macmillan quickly created policies with Akamai Guardicore Segmentation. “The policy templates to lock down a network and the speed to create a ruleset are impressive,” says Popperwell. “It took just two weeks to create and analyze policies, and another week to fine-tune the rules.”

As O’Neill says, the key is to remedy problems and react quickly to something that has gone wrong — especially when it interrupts operations. “We use Akamai Guardicore Segmentation to identify incidents with the built-in detection engine, and to verify network logs. We are given incredible visibility, from the smallest lateral movement to the chronology of events. This has enabled us to protect ourselves effectively from the greatest of threats.”

Macmillan hasn’t experienced a ransomware event since implementing the solution. “There is always a way into a network, but Akamai Guardicore Segmentation helps us cordon off primary attack behavior elements. This helps us ensure we maintain the data privacy that is key to ensuring patients and their supporters feel their confidentiality is maintained at all times,” says O’Neill.

Akamai Guardicore Segmentation has also proven valuable in support of Macmillan’s industry certification audits. The organization is one of the only British charities that is ISO 27001–certified across its operations, including all volunteers and locations. Regulatory compliance with security standards like ISO 27001 require organizations such as Macmillan to take the best possible security precautions against potential attacks.

In addition to an annual external audit, Macmillan conducts internal audits throughout the year. According to O’Neill, Akamai Guardicore Segmentation plays multiple roles. 

One of the most important requirements of the ISO standard is the separation of development, testing, and operation environments. “We can demonstrate that those environments are segregated through the Akamai Guardicore Segmentation interface,” O’Neill says.

'His team also uses Akamai’s solution to demonstrate their daily checks. “We embrace an assumed breach mentality. Every morning, my team must prove to me that we have not been breached or missed any potential issues. Akamai Guardicore Segmentation is central to that exercise,” he continues.

As O’Neill says, a solid segmentation strategy enables Macmillan’s development team to work more freely. “We want to foster innovation via our developers, and Akamai Guardicore Segmentation enables this in a secure environment,” he says.

Results of this unfettered development include the ability to quickly spin up new avenues of fundraising and new ways of determining interest and viability. “A safe development environment helps us see what might gain traction before we decide whether to invest the time and money,” O’Neill continues.

To that end, Akamai’s solution has become an essential security tool for Macmillan. “Akamai Guardicore Segmentation is central to our security. With every renewal of the solution, I meet with competitors as a due-diligence measure and always conclude we made the right choice with Akamai Guardicore Segmentation,” continues O’Neill.

Equally important to O’Neill is Akamai’s commitment as a partner. “The security industry is riddled with vendors who disappear after the proof of concept. Akamai’s experts stay in contact with us, continually suggesting ways to make our operations better and easier. We are delighted that Akamai is now one of our primary strategic tech partners and we look forward to continuing to do whatever it takes to give people the support they need together,” concludes O’Neill.

At Macmillan, we give people with cancer everything we’ve got. If you’re diagnosed, your worries are our worries. We will move mountains to help you live life as fully as you can. And we don’t stop there. We’re going all out to find ever better ways to help people with cancer, helping to bring forward the day when everyone gets life-transforming support from day one. We’re doing whatever it takes. But without your help we can’t support everyone who needs us. To donate, volunteer, raise money or campaign with us, call 0300 1000 200 or visit macmillan.org.uk.

Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai Connected Cloud, a massively distributed edge and cloud platform, puts apps and experiences closer to users and keeps threats farther away. Learn more about Akamai’s cloud computing, security, and content delivery solutions at akamai.com and akamai.com/blog, or follow Akamai Technologies on Twitter and LinkedIn.